package servlets;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import commands.GetUserCommand;

import database.User;


/**
 * AuthenticationServlet implementation class ServerServlet -
 * check the validation of the user and its password (authentication)
 * answer urls: .../AuthenticationServlet/*
 */

public class AuthenticationServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
	
	private GetUserCommand getUserCommand = new GetUserCommand();
       
    /**
     * constructor
     * @see HttpServlet#HttpServlet()
     */
    public AuthenticationServlet() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * url: .../userName/password
	 * if there is no such user return to the client "user not exist". if the password is the real
	 * password of the user - return to the client "true", else return to the client "wrong password".
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		response.setContentType("text/html");
        response.setStatus(HttpServletResponse.SC_OK);
        
        String withoutLast = request.getRequestURI().substring(0,request.getRequestURI().lastIndexOf("/"));
        String userID = withoutLast.substring(withoutLast.lastIndexOf("/")+1);
        String password = request.getRequestURI().substring(request.getRequestURI().lastIndexOf("/")+1);
        
        PrintWriter out = response.getWriter();
        
        User user = getUserCommand.action(userID);
        
        //return the answer to the client
        out.println(checkPassword(userID, password));
        
        out.close();
        
	}

	/**
	 * do nothing
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
        response.setContentType("text/html;charset=UTF-8");
       
	}
	
	
	/***
	 * check the validation of the user and his password 
	 * @param userID - a user name
	 * @param password - a password
	 * @return if there is no such user return "user not exist". if the password is the real
	 * password of the user - return "true", else return "wrong password".
	 */

	public String checkPassword(String userID,String password)
	{
		User user = new GetUserCommand().action(userID);
		
		if (user==null)
			return "user not exist";
	           
	    if (user.getPassword().equals(password))
	    	return "true";
	    
	    return "wrong password";
	    
	}

}
